Post Tagged with: "opc"

Privacy Please by ricky montalvo (CC BY-ND 2.0) https://flic.kr/p/8RF3Ez

A Failure of Enforcement: Why Changing the Law Won’t Fix All That Ails Canadian Privacy

Canadian Privacy Commissioner Daniel Therrien renewed his call for an overhaul of Canada’s private-sector privacy legislation this week. Responding to a national data consultation launched by Innovation, Science and Economic Development Minister Navdeep Bains, Therrien recommended enacting a new law that would include stronger enforcement powers, meaningful consent standards and the extension of privacy regulations to political parties. My Globe and Mail op-ed argues that while the need for a modernized privacy statute has been evident for some time, Canada’s privacy shortcomings are not limited to a decades-old legal framework struggling to keep pace with technological change.

Read more ›

December 7, 2018 7 comments Columns
Five Data Privacy Principles from Mozilla (Put on a museum wall) 2014 by Ann Wuyts (CC BY 2.0) https://flic.kr/p/pVKYKn

Do You Consent? Four Ways to Strengthen Digital Privacy

Privacy laws around the world may differ on certain issues, but all share a key principle: the collection, use and disclosure of personal information requires user consent. The challenge in a digital world where data is continuously collected and can be used in a myriad of previously unimaginable ways is how to ensure that the consent model still achieves the objective of giving the public effective control over their personal information.

The Office of the Privacy Commissioner of Canada released a discussion paper earlier this year that opened the door to rethinking how Canadian law addresses consent. The paper suggests several solutions that could enhance consent (greater transparency in privacy policies, technology-specific protections), but also raises the possibility of de-emphasizing consent in favour of removing personally identifiable information or establishing “no-go” zones that would regulate certain uses of information without relying on consent.

My weekly technology law column (Toronto Star version, homepage version) notes that the deadline for submitting comments concludes this week and it is expected that many businesses will call for significant reforms to the current consent model, arguing that it is too onerous and that it does not serve the needs of users or businesses. Instead, they may call for a shift toward codes of practice that reflect specific industry standards alongside basic privacy rules that create limited restrictions on uses of personal information.

Read more ›

August 2, 2016 4 comments Columns
Bell by Mike Schaffner (CC BY-NC-ND 2.0) https://flic.kr/p/g4EcLg

Why the Privacy Commissioner Doesn’t Need Legal Reforms To Require Transparency Reports

Privacy Commissioner of Canada Daniel Therrien was in the news this week as he expressed concern with the evasiveness of Canada’s spy agencies and the ongoing refusal of some of Canada’s telecom companies (namely Bell) to issue transparency reports. I’ll have more to say about privacy and government agencies in my technology law column next week, but on the issue of telecom transparency reports, I believe that Therrien already has the necessary legal mandate to act now. Therrien urged all telecom companies to release transparency reports, noting:

“I think Canadians are telling us, first of all, that they would much prefer that data be shared from telcos to government only with a warrant, with a court authorization. But when that does not happen, Canadians expect that there be transparency…frankly, if there’s not more progress I will continue to call for legislation on this issue.”

I wrote about why Canada’s telecom transparency reporting still falls short late last month, emphasizing that a non-binding approach to transparency reporting has been a failure.

Read more ›

June 10, 2016 4 comments News
Office of the Privacy Commissioner Memorandum, October 28, 2014

Secret Memo Reveals RCMP Records on Requests for Subscriber Data “Inaccurate and Incomplete”

Last fall, Daniel Therrien, the government’s newly appointed Privacy Commissioner of Canada, released the annual report on the Privacy Act, the legislation that governs how government collects, uses, and discloses personal information. The lead story from the report was the result of an audit of the Royal Canadian Mounted Police practices regarding warrantless requests for telecom subscriber information.

The audit had been expected to shed new light into RCMP information requests. Auditors were forced to terminate the investigation, however, when they realized that Canada’s national police force simply did not compile the requested information. When asked why the information was not collected, RCMP officials responded that its information management system was never designed to capture access requests.

While that raised serious concerns – the RCMP has since promised to study mechanisms for reporting requests with recommendations expected in April – my weekly technology law column (Toronto Star version, homepage version) reports that documents recently obtained under the Access to Information Act reveal that the publicly released audit results significantly understated the severity of the problem. Indeed, after the draft final report was provided to the RCMP in advance for comment, several of the findings were toned down for the public release.

Read more ›

March 2, 2015 8 comments Columns

Privacy Commissioner of Canada Launches Online Complaint Form

The Privacy Commissioner of Canada has launched a new online complaint form that will allow Canadians to file privacy complaints via the Internet.

Read more ›

August 24, 2012 3 comments Must Reads